Bitcoin is a digital currency which relies on a distributed set of
miners to mint coins and on a peer-to-peer network to broadcast
transactions. The identities of Bitcoin users are hidden behind
pseudonyms (public keys) which are recommended to be changed
frequently in order to increase transaction unlinkability.
We present an efficient method to deanonymize Bitcoin users, which
allows to link user pseudonyms to the IP addresses where the
transactions are generated. Our techniques work for the most common
and the most challenging scenario when users are behind NATs or
firewalls of their ISPs. They allow to link transactions of a user
behind a NAT and to distinguish connections and transactions of
different users behind the same NAT. We also show that a natural
countermeasure of using Tor or other anonymity services can be cut-off
by abusing anti-DoS countermeasures of the bitcoin network. Our
attacks require only a few machines and have been experimentally
verified. We propose several countermeasures to mitigate these new
attacks.